Db2 port usage information

In a multi-node environment with Firewall enabled, the user must ensure specific ports are opened in the Firewall rules to have a functioning instance.

This is required to allow communication between all hosts in the cluster. The following ports need to be opened between all public and private interfaces on the hosts being used by the Db2® instance.

  1. Loopback IP - allow all input traffic on this IP (
  2. SSH communication port.
  3. RSH communication port.
  4. In a pureScale/HA environment, ports required for TSA, RSCT and Spectrum Scale communication needs to be opened in Firewall rules.

    Refer to the Db2 cluster services port usage information page for which ports to use.

  5. Allow traffic from client servers.
  6. Allow traffic from disk server.
  7. In environments with a Db2 managed or user-managed spectrum Scale cluster, allow communication on the Spectrum scale port range. It is the range of ports that is associated with the tscCmdPortRange option when running the following command:
    db2cluster -cfs -list -configuration
  8. Port range specified for the DB2_FIREWALL_PORT_RANGE variable.
  9. Allow incoming and outgoing pings on all hosts in the cluster.
  10. Allow communication on the DB2_<instance> ports that have been defined in the /etc/services file.
  11. In a pureScale instance, allow traffic on the CF related ports (DB2CF_<instance>_MGMT and DB2CF_<instance> ports in the /etc/services file).